Cleans up some left-over comments

Signed-off-by: Darshit Chanpura <[email protected]>

src/main/java/org/opensearch/security/auth/BackendRegistry.java

@@ -287,7 +287,7 @@ && isBlocked(((InetSocketAddress) request.getHttpChannel().getRemoteAddress()).g
                         if (isTraceEnabled) {
                             log.trace("No 'Authorization' header, send 401 and 'WWW-Authenticate Basic'");
                         }
-                        notifyIpAuthFailureListeners(request, authCredentials); // is this needed here??
+                        notifyIpAuthFailureListeners(request, authCredentials);
                         channel.sendResponse(restResponse);
                         return false;
                     }
@@ -306,7 +306,7 @@ && isBlocked(((InetSocketAddress) request.getHttpChannel().getRemoteAddress()).g
                     // credentials found in request but we need another client challenge
                     if (restResponse != null) {
                         // auditLog.logFailedLogin(ac.getUsername()+" <incomplete>", request); --noauditlog
-                        notifyIpAuthFailureListeners(request, ac); // is this needed here??
+                        notifyIpAuthFailureListeners(request, ac);
                         channel.sendResponse(restResponse);
                         return false;
                     } else {